Ensom Hodder
Reputation: 1548
How to pass non-string values into a prepared statement in PHP
I have a few lines of code below to execute a prepared statement with PHP on my PostgreSQL database. However, it fails because some values are automatically converted to string while in my case, the uid and edu_year should be integers:
$query = "INSERT INTO education(uid, year, diploma, school, major)
VALUES ($1, $2, $3, $4, $5)";
pg_prepare($conn, "my_query", $query);
pg_execute($conn, "my_query", array($_SESSION['uid'], $_POST['edu_year'][$i],
$_POST['edu_diploma'][$i], $_POST['edu_school'][$i], $_POST['edu_major'][$i]));
Does anyone know how to make this work, or is there another, more preferred way of achieving this?
Upvotes: 2
Views: 217
Answers (1)
xdazz
Reputation: 160843
You just need to case them into integer:
pg_execute($conn, "my_query", array((int)$_SESSION['uid'], (int)$_POST['edu_year'][$i], $_POST['edu_diploma'][$i], $_POST['edu_school'][$i], $_POST['edu_major'][$i]));
Upvotes: 1
Related Questions
- How to use prepared statements with Postgres
- PHP PostgreSQL prepared statement without parameters
- PHP PDO (PostgreSQL): can't get multiple parameters to work
- Prepared statement with an array field PostgreSQL&PHP
- Supply a prepared statement with an array
- Using String Literals in Prepared Statements Postgres
- How to make dynamic postgres prepared statements in PHP
- Postgres prepared statements with varying fields
- PHP prepared postgres query fails with:"could not determine data type of parameter $1"
- Postgres/PHP PDO::PDOStatement->bindParam() to character(1) field